The Network Security Toolbox
Wireshark (formerly Ethereal)  The most powerful network sniffer & protocol analyzer; comes with a GUI and is also available for Windows
http://www.wireshark.org
tcpdump  the ultimate network sniffer
http://www.tcpdump.org
ngrep  tcpdump + grep = ngrep
http://ngrep.sourceforge.net
ping/traceroute/nslookup/telnet  The standard tools, available even on Windows; on Windows you'll find ping's -t option useful, and traceroute is named tracert
nmap  THE network scanner; it was even used in the movie "The Matrix" :)
http://www.insecure.org/nmap/
hping2  allows you to do a ping/traceroute with the packets you want (e.g. you think your ISP is blocking some P2P protocol by sending RST packets? go find out!)
http://www.hping.org
a pre-compiled version for Windows XP SP2 is available from Darknet
netcat  The TCP/IP Swiss Army Knife. http://netcat.sourceforge.net
Paros  A great tool for web application security assessment; its "trap" feature allows you to modify HTTP requests and responses on the fly! http://www.parosproxy.org
WebScarab  The Open Web Application Security Project's WebScarab works like Paros but is even more powerful! A real must-have for web application security assessment.
http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
dig  The standard tool for querying DNS servers; for Windows you can find it in the binary distribution of BIND
http://www.isc.org
Stunnel  The SSL Wrapper
http://www.stunnel.org
Cygwin  A Linux-like environment for Windows; it allows you to use tools such as:
- curl: do HTTP/HTTPS and FTP/FTPS requests your way
- wget: simple but effective way to automate your downloads
- whois: tool for searching in WHOIS databases
- netcat (nc): The TCP/IP Swiss Army Knife
- OpenSSH: free implementation of SSH
- OpenSSL: free implementation of SSL/TLS
http://www.cygwin.com
Nessus  The ultimate vulnerability scanner
http://www.nessus.org
Snort  The ultimate network intrusion detection environment (NIDS)
http://www.snort.org
AIDE  The Advanced Intrusion Detection Environment; even though it's a host based intrusion detection environment (HIDS) it's often your last line of defense against an intrusion into your network.
http://www.cs.tut.fi/~rammer/aide.html
GnuPG  An OpenPGP implementation; the following plugins allow an integration into your mail user agent:
- GPGol: Outlook plugin; http://www.g10code.com/p-gpgol.html
- Enigmail: Plugin for Mozilla/Netscape and Thunderbird; http://enigmail.mozdev.org
http://www.gnupg.org
dumpnet  A great backup tool I have written myself; it was tested on Windows/Cygwin, RedHat Fedora Core Linux, Novell/SUSE Linux, Debian GNU/Linux, FreeBSD, OpenBSD and Solaris.
http://dumpnet.sourceforge.net
PuTTY  A great SSH client for Windows.
http://www.chiark.greenend.org.uk/~sgtatham/putty/
Sam Spade  Network query tool with a Windows GUI that integrates dig, whois, finger, traceroute, ping and others
http://www.samspade.org
SuperScan v3 & v4  Network scanner with a GUI for Windows; I find versions 3 and 4 to be quite different but both very useful
www.foundstone.com/resources/proddesc/superscan.htm
VisualRoute  Visual traceroute that will give you geographical information; for Windows only
http://www.visualroute.com
Sysinternals Tools  The Windows netstat command is fine, but it's nothing against Sysinternals' TCPView; for Windows only
Sysinternals' tools not related to networking are exceptional too: Autoruns, Diskmon, Filemon, Portmon, Procexp, pstools, Regmon, RootkitRevealer, strings (the latter being more essential than exceptional)
http://www.sysinternals.com
http://www.microsoft.com/technet/sysinternals/default.mspx
Note: Sysinternals was acquired by Microsoft in July 2006.
UltraEdit  The best text editor for Windows; I don't go anywhere without it :)
http://www.ultraedit.com
VMware Workstation  There is a life before and after VMware; it allows you to virtualize hardware so that you can run almost any x86 operating system from within your regular OS. I run SUSE, Fedora, Debian, FreeBSD, OpenBSD, Solaris and Windows NT with it.
Unspecified Sniffers & Exploit Tools  To be better prepared for attacks against your network you will want to use the tools your enemies are using; as making available these tools is a criminal offence in Austria (see Convention on Cybercrime, Article 6) I cannot provide any links here :(
Additionally the following URLs and mailing lists will prove very useful:

URLs

Common Vulnerabilities and Exposures (CVE)  http://www.cve.mitre.org
SecurityFocus  http://www.securityfocus.com
X-Force, Internet Security Systems, Inc. (ISS)  http://xforce.iss.net
SANS Institute  http://www.sans.org
SANS Internet Storm Center  http://isc.sans.org
National Vulnerability Database (formerly known as I-CAT)  http://nvd.nist.gov
NIST Computer Security Resource Center (CSRC)  http://csrc.nist.gov
The CERT operated by the Carnegie Mellon University  http://www.cert.org
United States Computer Emergency Readiness Team  http://www.us-cert.gov
Secunia Portal Website  http://secunia.com
The Cassandra Tool (provided by CERIAS at Purdue University)  https://cassandra.cerias.purdue.edu/main/index.html
Mailing Lists

BugTraq [bugtraq@securityfocus.com]  http://www.securityfocus.com/archive
Full-Disclosure [full-disclosure@lists.grok.org.uk]  https://lists.grok.org.uk/mailman/listinfo/full-disclosure
Secunia Security Advisories [sec-adv@secunia.com]  http://secunia.com/secunia_security_advisories/
SANS NewsBites  http://www.sans.org/newsletters/newsbites/
SANS @Risk: The Consensus Security Alert  http://www.sans.org/newsletters/risk/
US-CERT Technical Cyber Security Alerts [technical-alerts@us-cert.gov]  http://www.us-cert.gov/cas/signup.html
US-CERT Cyber Security Bulletins [security-bulletins@us-cert.gov]  http://www.us-cert.gov/cas/signup.html
Vulnwatch [vulnwatch@vulnwatch.org]  http://www.vulnwatch.org/subscribe.html
NIST's Computer Security Publications [compsecpubs@nist.gov]  http://csrc.nist.gov/compubs-mail.html